• Registrarse
  • Iniciar sesión


  • Página 1 de 4 1234 ÚltimoÚltimo
    Resultados 1 al 10 de 34

    Pc muy lenta y no puedo crear punto de restauracion (Solucionado)

    Hola a todos: Tenía Instalado AVG TuneUP en periodo de prueba, había habilitado el modo Turbo. Luego del periodo de prueba lo desinstalé y empezaron los problemas; he notado que no puedo utilizar ni instalar ...

          
    1. #1
      Usuario Avatar de jovasan
      Registrado
      mar 2008
      Ubicación
      Colombia
      Mensajes
      102

      Pc muy lenta y no puedo crear punto de restauracion (Solucionado)

      Hola a todos: Tenía Instalado AVG TuneUP en periodo de prueba, había habilitado el modo Turbo. Luego del periodo de prueba lo desinstalé y empezaron los problemas; he notado que no puedo utilizar ni instalar ciertos programas como el Superantispyware, Google, tampoco me deja crear punto de restauración y la PC demasiado lenta. Tengo W10, anexo log de Hijackthis. Ayuda por favor.

      Logfile of Trend Micro HijackThis v2.0.5
      Scan saved at 18:28:48 Octavio, on 11/12/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.10240.17202)


      Boot mode: Normal

      Running processes:
      C:\Users\VASCOS\Desktop\HijackThis.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      F2 - REG:system.ini: UserInit=C:\WINDOWS\SysWOW64\userinit.exe,
      O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
      O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
      O4 - HKUS\S-1-5-18\..\RunOnce: [panda] reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\RunOnce: [panda_XP] reg.exe delete "HKCU\Software\panda" /f (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\RunOnce: [panda] reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f (User 'Default user')
      O8 - Extra context menu item: &Enviar a OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
      O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
      O9 - Extra button: Complemento Hacer clic para llamar de Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Complemento Hacer clic para llamar de Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
      O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: http://*.ma-config.com
      O15 - Trusted Zone: http://*.touslesdrivers.com
      O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
      O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\AJRouter.dll,-2 (AJRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
      O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\cdpsvc.dll,-100 (CDPSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ClipSVC.dll,-103 (ClipSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\coremessaging.dll,-1 (CoreMessagingRegistrar) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dcpsvc.dll,-3001 (DcpSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DevQueryBroker.dll,-100 (DevQueryBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\diagtrack.dll,-3001 (DiagTrack) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\Windows.Internal.Management.dll,-100 (DmEnrollmentSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dmwappushsvc.dll,-200 (dmwappushservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dosvc.dll,-100 (DoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dssvc.dll,-10003 (DsSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\embeddedmodesvc.dll,-200 (embeddedmode) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @EnterpriseAppMgmtSvc.dll,-1 (EntAppSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\tetheringservice.dll,-4097 (icssvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\lfsvc.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\licensemanagersvc.dll,-200 (LicenseManager) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\moshost.dll,-100 (MapsBroker) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe
      O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\NetSetupSvc.dll,-3 (NetSetupSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\NgcCtnrSvc.dll,-1 (NgcCtnrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\APHostRes.dll,-10002 (OneSyncSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Sincronizar host_Session1 (OneSyncSvc_Session1) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe
      O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-15001 (PimIndexMaintenanceSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Datos de contactos_Session1 (PimIndexMaintenanceSvc_Session1) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\RDXService.dll,-256 (RetailDemo) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
      O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Copias de seguridad de Windows (SDRSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\sensorservice.dll,-1000 (SensorService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SmsRouterSvc.dll,-10001 (SmsRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\windows.staterepository.dll,-1 (StateRepository) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tileobjserver.dll,-1 (tiledatamodelsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-10003 (UnistoreSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: Almacenamiento de datos de usuarios_Session1 (UnistoreSvc_Session1) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-14001 (UserDataSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Acceso a datos de usuarios_Session1 (UserDataSvc_Session1) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\usermgr.dll,-100 (UserManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\usocore.dll,-102 (UsoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\icsvc.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-901 (vmicvmsession) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: Instantáneas de volumen (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\WalletService.dll,-1000 (WalletService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
      O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpnservice.dll,-1 (WpnService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe
      O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\XblAuthManager.dll,-100 (XblAuthManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\XblGameSave.dll,-100 (XblGameSave) - Unknown owner - C:\WINDOWS\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\XboxNetApiSvc.dll,-100 (XboxNetApiSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

      --
      End of file - 25981 bytes

    2. #2
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.210

      Re: Pc muy lenta y no puedo crear punto de restauracion.

      Saludos jovasan

      Vamos a comprobar si tu sistema está infectado y el problema que tienes es como consecuencia de un malware; realiza lo siguiente:


      Paso 1- Vamos a descargar en TU ESCRITORIO todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía):




      Paso 2- Ahora vamos a ejecutar las herramientas de una en una (cuando haya finalizado una, ejecutas la siguiente), y debes ejecutarlas en el mismo orden que te indico:


      AdwCleaner

      • El primer paso sería cerrar todos los programas que tengas abiertos.
      • Ejecutas Adwcleaner.exe. (Si usas Windows Vista/7 u 8 presionas clic derecho y seleccionas "Ejecutar como Administrador.")
      • A continuación, debes pulsar sobre el botón Escanear ]; el proceso de análisis se iniciará; esperas tranquilamente a que finalice.
      • Cuando termine, pulsas sobre el botón Limpiar.
      • Por último, te va a solicitar Reiniciar el sistema; como es evidente, debes Aceptar.
      • Ya solo queda, guardar el reporte que te aparecerá una vez que reinicies, para copiarlo y pegarlo en tu próxima respuesta.



      JRT.exe

      • Ejecutas Junkware Removal Tool (JRT.exe). (Si usas Windows Vista/7 u 8 presionas clic derecho y seleccionas "Ejecutar como Administrador.")
      • Ahora tienes que pulsar cualquier tecla para que el proceso continúe y esperas a que termine.
      • Cuando finalice, un registro (JRT.txt) se guardará en el escritorio y se abrirá automáticamente.
      • Este reporte debes copiarlo, para pegarlo también en tu próxima respuesta.



      Malwarebytes

      Es conveniente que inviertas unos minutos en leer con detalle su manual, para Configurarlo, Actualizarlo y Usarlo Correctamente.

      • Pulsa sobre Análisis y seleccionas Análisis Personalizado; a continuación pulsas sobre Configurar Análisis: seleccionas todas la unidades que tengas y pulsas sobre Analizar ahora.
      • Cuando Termine el análisis, Seleccionas "Eliminar Seleccionados".
      • Reinicias el sistema.
      • En el apartado "Historial" encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.




      CCleaner

      Debes usar, sus dos opciones principales, de acuerdo a su Manual:

      • "Limpiador": para borrar cookies, temporales de internet y todos los archivos que éste te muestre como obsoletos.
      • "Registro" para limpiar todo el Registro de Windows (haciendo copia de seguridad).
      • NO necesitamos este reporte.



      Paso 3- Por último vamos a ejecutar OTL que lo debes de tener descargado en tu escritorio:

      • Cierra todos programas que tengas abiertos ( msn, internet explorer,mozilla,Emule,Ares..) y hacer doble click en el ícono de OTL para ejecutarlo.
      • Ahora en el menú solo debes cambiar debajo de donde pone: "Tipo de Análisis" poner Resultado Mínimo.
      • Marcar las opciones: Buscar LOP y Buscar Purity.
      • Marcar las Opciones >> Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copiar y Pegar el siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.




      • Presionar el botón >> Analizar.
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.



      Paso 4.-: En tu próxima respuesta, pegas los reportes de las 4 Herramientas (AdwCleaner, JRT, Malwarebytes' y OTL) y no olvides comentar como sigue el problema.




      Saludos
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de jovasan
      Registrado
      mar 2008
      Ubicación
      Colombia
      Mensajes
      102

      Re: Pc muy lenta y no puedo crear punto de restauracion.

      Saludos, gracias por la colaboración voy a realizar todo lo que me informas que haga, una vez los haya realizado estaré enviando los reportes e informando como sigue la PC.

    4. #4
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.210

      Re: Pc muy lenta y no puedo crear punto de restauracion.

      Perfecto Realiza los pasos con tranquilidad. Estamos en contacto
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de jovasan
      Registrado
      mar 2008
      Ubicación
      Colombia
      Mensajes
      102

      Re: Pc muy lenta y no puedo crear punto de restauracion.

      Saludos: He realizado todo lo que me has indicado, a mejorado un poco la velocidad del PC, pero sigue demorado para arrancar cuando lo enciendo. En cuanto al PUNTO DE RESTAURACIÓN no me aparece ningún punto; me informa el CCleaner que el último punto está desactivado por la SEGURIDAD DEL SISTEMA. No se si esto se debe a que hace días tenía instalado el avg tuneup y había activado el Modo Turbo. anexo los LOGS de los programas que pase.

      # AdwCleaner 7.0.5.0 - Logfile created on Sun Dec 17 17:06:57 2017
      # Updated on 2017/29/11 by Malwarebytes
      # Running on Windows 10 Pro (X64)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      No malicious folders deleted.

      ***** [ Files ] *****

      No malicious files deleted.

      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      No malicious registry entries deleted.

      ***** [ Firefox (and derivatives) ] *****

      Plugin deleted: Panda Security Toolbar - Visicom Media


      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries deleted.

      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[C0].txt - [1547 B] - [2017/11/17 2:24:41]
      C:/AdwCleaner/AdwCleaner[C1]-.txt - [1538 B] - [2017/11/30 16:53:44]
      C:/AdwCleaner/AdwCleaner[C1].txt - [1538 B] - [2017/11/30 16:47:57]
      C:/AdwCleaner/AdwCleaner[S0].txt - [1504 B] - [2017/11/17 2:17:26]
      C:/AdwCleaner/AdwCleaner[S1].txt - [1473 B] - [2017/11/30 16:42:47]
      C:/AdwCleaner/AdwCleaner[S2].txt - [1334 B] - [2017/12/17 1736]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ##########


      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 10 Pro x64
      Ran by VASCOS (Administrator) on 17/12/2017 at 12:15:46,30
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      File System: 3

      Successfully deleted: C:\ProgramData\productdata (Folder)
      Successfully deleted: C:\Users\VASCOS\AppData\Roaming\Mozilla\Firefox\Profiles\zjv9w8fk.default-1474085608708\user.js (File)
      Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (VASCOS) (Task)

      Deleted the following from C:\Users\VASCOS\AppData\Roaming\Mozilla\Firefox\Profiles\zjv9w8fk.default-1474085608708\prefs.js
      user_pref(browser.onboarding.tour.onboarding-tour-singlesearch.completed, true);



      Registry: 1

      Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SWDUMon (Registry Key)




      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 17/12/2017 at 12:32:03,27
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    6. #6
      Usuario Avatar de jovasan
      Registrado
      mar 2008
      Ubicación
      Colombia
      Mensajes
      102

      Re: Pc muy lenta y no puedo crear punto de restauracion.

      continúo enviando los logs.

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 17/12/17
      Hora del análisis: 12:54
      Archivo de registro: 4ed7655e-e353-11e7-ac74-e0cb4ea029a9.json
      Administrador: Sí

      -Información del software-
      Versión: 3.3.1.2183
      Versión de los componentes: 1.0.262
      Versión del paquete de actualización: 1.0.3508
      Licencia: Gratis

      -Información del sistema-
      SO: Windows 10 (Build 10240.17236)
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: JOSEVAS\VASCOS

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 311509
      Amenazas detectadas: 16
      Amenazas en cuarentena: 16
      Tiempo transcurrido: 4 min, 18 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 8
      RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, En cuarentena, [650], [249055],1.0.3508
      RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RUNSAS.EXE, En cuarentena, [650], [249733],1.0.3508
      RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPERANTISPYWARE.EXE, En cuarentena, [650], [249843],1.0.3508
      RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, En cuarentena, [650], [249055],1.0.3508
      RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RUNSAS.EXE, En cuarentena, [650], [249733],1.0.3508
      RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPERANTISPYWARE.EXE, En cuarentena, [650], [249843],1.0.3508
      PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE, En cuarentena, [8758], [239345],1.0.3508
      PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE, En cuarentena, [8758], [239345],1.0.3508

      Valor del registro: 8
      RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE|DEBUGGER, En cuarentena, [650], [249055],1.0.3508
      RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RUNSAS.EXE|DEBUGGER, En cuarentena, [650], [249733],1.0.3508
      RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPERANTISPYWARE.EXE|DEBUGGER, En cuarentena, [650], [249843],1.0.3508
      RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE|DEBUGGER, En cuarentena, [650], [249055],1.0.3508
      RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RUNSAS.EXE|DEBUGGER, En cuarentena, [650], [249733],1.0.3508
      RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPERANTISPYWARE.EXE|DEBUGGER, En cuarentena, [650], [249843],1.0.3508
      PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE|DEBUGGER, En cuarentena, [8758], [239345],1.0.3508
      PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE|DEBUGGER, En cuarentena, [8758], [239345],1.0.3508

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 0
      (No hay elementos maliciosos detectados)

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

    7. #7
      Usuario Avatar de jovasan
      Registrado
      mar 2008
      Ubicación
      Colombia
      Mensajes
      102

      Re: Pc muy lenta y no puedo crear punto de restauracion.

      Envío Log de OTL

      OTL logfile created on: 17/12/2017 13:52:13 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\VASCOS\Desktop
      64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
      Internet Explorer (Version = 9.11.10240.17202)
      Locale: 00000C0A | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      4,00 Gb Total Physical Memory | 2,96 Gb Available Physical Memory | 73,97% Memory free
      4,69 Gb Paging File | 3,68 Gb Available in Paging File | 78,53% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 292,43 Gb Total Space | 201,56 Gb Free Space | 68,92% Space Free | Partition Type: NTFS
      Drive D: | 638,54 Gb Total Space | 565,06 Gb Free Space | 88,49% Space Free | Partition Type: NTFS
      Drive E: | 11,72 Gb Total Space | 11,43 Gb Free Space | 97,54% Space Free | Partition Type: NTFS
      Drive F: | 126,96 Gb Total Space | 86,95 Gb Free Space | 68,49% Space Free | Partition Type: NTFS
      Drive G: | 51,23 Gb Total Space | 46,12 Gb Free Space | 90,03% Space Free | Partition Type: NTFS

      Computer Name: JOSEVAS | User Name: VASCOS | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - File not found
      PRC - C:\Users\VASCOS\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Archivos de programa\CCleaner\CCleaner64.exe (Piriform Ltd)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe (Microsoft Corporation)
      PRC - C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe (Microsoft Corporation)


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV:64bit: - (DbxSvc) -- C:\Windows\SysNative\DbxSvc.exe (Dropbox, Inc.)
      SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
      SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
      SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
      SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
      SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
      SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
      SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
      SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
      SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
      SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
      SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
      SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
      SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
      SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
      SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
      SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
      SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
      SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
      SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
      SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
      SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
      SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
      SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
      SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
      SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
      SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
      SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
      SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
      SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
      SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
      SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
      SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
      SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
      SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
      SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
      SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
      SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
      SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
      SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
      SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
      SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
      SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
      SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
      SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
      SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
      SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
      SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
      SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
      SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
      SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
      SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
      SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
      SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
      SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
      SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
      SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
      SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
      SRV:64bit: - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
      SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
      SRV:64bit: - (UserDataSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
      SRV:64bit: - (UnistoreSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
      SRV:64bit: - (PimIndexMaintenanceSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
      SRV:64bit: - (OneSyncSvc_Session1) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
      SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
      SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
      SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
      SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
      SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
      SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
      SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
      SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
      SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
      SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
      SRV - (dbupdatem) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
      SRV - (dbupdate) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
      SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
      SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
      SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
      SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
      SRV - (lfsvc) -- C:\Windows\SysWOW64\lfsvc.dll (Microsoft Corporation)
      SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
      SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
      SRV - (GfExperienceService) -- C:\Archivos de programa\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation)
      SRV - (NvStreamSvc) -- C:\Archivos de programa\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
      SRV - (ose64) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (panda_url_filteringd) -- C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys File not found
      DRV:64bit: - (avgTap) -- C:\Windows\SysNative\drivers\avgTap.sys (The OpenVPN Project)
      DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
      DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
      DRV:64bit: - (cykbfltrService) -- C:\Windows\SysNative\drivers\cykbfltr.sys (Cypress Semiconductor, Inc.)
      DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (Samsung Electronics Co., Ltd.)
      DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (Samsung Electronics Co., Ltd.)
      DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
      DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
      DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
      DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
      DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
      DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
      DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
      DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
      DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
      DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
      DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
      DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
      DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
      DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
      DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
      DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
      DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
      DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
      DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
      DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
      DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
      DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
      DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
      DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
      DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
      DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
      DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
      DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
      DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
      DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
      DRV:64bit: - (IoQos) -- C:\Windows\SysNative\drivers\ioqos.sys (Microsoft Corporation)
      DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
      DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
      DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
      DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
      DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
      DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
      DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
      DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
      DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
      DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
      DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
      DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
      DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
      DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
      DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
      DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
      DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
      DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
      DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
      DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys ()
      DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
      DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
      DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
      DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
      DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
      DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
      DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
      DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
      DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
      DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
      DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
      DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
      DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
      DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
      DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
      DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
      DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (LSI Corporation)
      DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
      DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
      DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
      DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
      DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
      DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys (Microsoft Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
      DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
      DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
      DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
      DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
      DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
      DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
      DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
      DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
      DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
      DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
      DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athwnx.sys (Qualcomm Atheros Communications, Inc.)
      DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
      DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
      DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
      DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
      DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
      DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
      DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
      DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
      DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys (Microsoft Corporation)
      DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
      DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
      DRV:64bit: - (fcvsc) -- C:\Windows\SysNative\drivers\fcvsc.sys (Microsoft Corporation)
      DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
      DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
      DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
      DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
      DRV:64bit: - (amdide64) -- C:\Windows\SysNative\drivers\amdide64.sys (Advanced Micro Devices Inc.)
      DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
      DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.)
      DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
      DRV:64bit: - (i8042HDR) -- C:\Windows\SysNative\drivers\i8042HDR.sys (Windows (R) Codename Longhorn DDK provider)
      DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys (Microsoft Corporation)
      DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys (Microsoft Corporation)
      DRV - (NvStreamKms) -- C:\Archivos de programa\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
      DRV - (HWiNFO32) -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (REALiX(tm))


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Hotmail, Outlook, El Tiempo, noticias, videos, en MSN Colombia
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-CO
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3F FA 18 37 E6 F4 CE 01 [binary data]
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.countryCode: "CO"
      FF - prefs.js..browser.search.region: "CO"
      FF - prefs.js..browser.search.widget.inNavBar: true
      FF - prefs.js..browser.startup.homepage: "http://www.google.com"
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll ()
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll File not found
      FF - HKLM\Software\MozillaPlugins\@verimatrix.com/ViewRightWeb: C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll ()
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll File not found
      FF - HKCU\Software\MozillaPlugins\@verimatrix.com/ViewRightWeb: C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll ()

      64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS
      64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS

      [2013/12/15 12:34:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\Extensions
      [2017/11/16 21:32:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\SystemExtensionsDev
      [2017/10/23 12:12:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\Firefox\Profiles\zjv9w8fk.default-1474085608708\browser-extension-data
      [2017/11/16 21:13:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\Firefox\Profiles\zjv9w8fk.default-1474085608708\browser-extension-data\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
      [2017/10/08 12:44:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\Firefox\Profiles\zjv9w8fk.default-1474085608708\browser-extension-data\[email protected]
      [2017/11/16 21:32:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\Firefox\Profiles\zjv9w8fk.default-1474085608708\extensions
      [2017/10/23 23:21:28 | 001,313,216 | ---- | M] () (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\firefox\profiles\zjv9w8fk.default-1474085608708\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi
      [2017/02/21 08:37:22 | 000,868,919 | ---- | M] () (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\firefox\profiles\zjv9w8fk.default-1474085608708\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}.xpi
      [2017/12/11 19:59:45 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\firefox\profiles\zjv9w8fk.default-1474085608708\features\{644c3211-148c-4262-ab3b-730f394d3cef}\[email protected]
      [2017/12/10 20:32:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions

      ========== Chrome ==========

      CHR - plugin: Error reading preferences file
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\3.3.4_0\
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\10.2.0.9900_0\
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
      CHR - Extension: No name found = C:\Users\VASCOS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6117.717.0.4_0\

      O1 HOSTS File: ([2017/07/26 21:54:58 | 000,000,690 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Archivos de programa\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
      O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
      O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
      O4 - Startup: C:\Users\VASCOS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 600
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O9:64bit: - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
      O9:64bit: - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O9:64bit: - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Archivos de programa\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
      O1364bit: - gopher Prefix: missing
      O15 - HKCU\..Trusted Domains: ma-config.com ([]http in Trusted sites)
      O15 - HKCU\..Trusted Domains: touslesdrivers.com ([]http in Trusted sites)
      O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 0.0.0.0
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0c696b33-81af-45d9-a29f-73ee6a5d20de}: DhcpNameServer = 192.168.1.254 0.0.0.0
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{a74c3a7b-363e-4463-8766-6d79e2c242a6}: DhcpNameServer = 192.168.1.254 0.0.0.0
      O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Archivos de programa\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
      O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help - No CLSID value found
      O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\backitup.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\cdspeed.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\coverdes.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\drivespeed.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\dropbox.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\infotool.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\nero.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\nerohome.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\neromediahome.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\neroscoutoptions.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\nerostartsmart.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\neroupgrade.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\nerovision.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\photosnap.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\photosnapviewer.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\recode.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\setupneromobile.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\setupx.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\showtime.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\AcroRd32.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\backitup.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\cdspeed.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\coverdes.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\drivespeed.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\dropbox.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\infotool.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\nero.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\nerohome.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\neromediahome.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\nerostartsmart.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\neroupgrade.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\nerovision.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\photosnap.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\photosnapviewer.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\recode.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\setupneromobile.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\setupx.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\showtime.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O34 - HKLM BootExecute: (PCloudBroom64.exe \systemroot\system32\BroomData.bit)
      O34 - HKLM BootExecute: (PCloudBroom64.exe \systemroot\system32\BroomData.bit)
      O34 - HKLM BootExecute: (PCloudBroom64.exe \systemroot\system32\BroomData.bit)
      O34 - HKLM BootExecute: (PCloudBroom64.exe \systemroot\system32\BroomData.bit)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs:64bit: dosvc - C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
      NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
      NetSvcs:64bit: DcpSvc - C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
      NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
      NetSvcs:64bit: NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
      NetSvcs:64bit: dmwappushservice - C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
      NetSvcs:64bit: XblGameSave - C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
      NetSvcs:64bit: XboxNetApiSvc - C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
      NetSvcs:64bit: UsoSvc - C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
      NetSvcs:64bit: UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
      NetSvcs:64bit: lfsvc - C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
      NetSvcs:64bit: DmEnrollmentSvc - C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
      NetSvcs:64bit: XblAuthManager - C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
      NetSvcs:64bit: RetailDemo - C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
      NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


      CREATERESTOREPOINT
      System Restore Service not available.

      ========== Files/Folders - Created Within 30 Days ==========

      [2017/12/17 12:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      [2017/12/17 12:52:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
      [2017/12/17 12:34:17 | 000,000,000 | ---D | C] -- C:\Users\VASCOS\Desktop\LOGS
      [2017/12/17 11:58:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
      [2017/12/17 11:57:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
      [2017/12/17 11:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
      [2017/12/17 11:33:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\VASCOS\Desktop\OTL.exe
      [2017/12/14 22:37:32 | 001,790,024 | ---- | C] (Malwarebytes) -- C:\Users\VASCOS\Desktop\JRT.exe
      [2017/12/14 22:34:44 | 008,187,336 | ---- | C] (Malwarebytes) -- C:\Users\VASCOS\Desktop\AdwCleaner.exe
      [2017/12/11 18:28:15 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\VASCOS\Desktop\HijackThis.exe
      [2017/12/07 13:19:08 | 000,000,000 | R--D | C] -- C:\Users\VASCOS\Documents\Scanned Documents
      [2017/12/07 13:19:07 | 000,000,000 | ---D | C] -- C:\Users\VASCOS\Documents\Fax
      [2017/11/29 21:45:36 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\Microsoft
      [2017/11/17 21:03:02 | 000,000,000 | ---D | C] -- C:\Users\VASCOS\Documents\NeroVision

      ========== Files - Modified Within 30 Days ==========

      [2017/12/17 13:43:18 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
      [2017/12/17 13:42:45 | 000,016,148 | ---- | M] () -- C:\WINDOWS\SysNative\JOSEVAS_VASCOS_HistoryPrediction.bin
      [2017/12/17 13:41:01 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
      [2017/12/17 13:40:56 | 1717,219,328 | -HS- | M] () -- C:\hiberfil.sys
      [2017/12/17 13:23:31 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2017/12/17 12:52:31 | 000,001,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
      [2017/12/17 11:57:25 | 000,001,173 | ---- | M] () -- C:\Users\VASCOS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2017/12/17 11:57:14 | 000,000,993 | ---- | M] () -- C:\Users\VASCOS\Desktop\NTREGOPT.lnk
      [2017/12/17 11:57:14 | 000,000,974 | ---- | M] () -- C:\Users\VASCOS\Desktop\ERUNT.lnk
      [2017/12/17 11:33:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\VASCOS\Desktop\OTL.exe
      [2017/12/14 22:37:37 | 001,790,024 | ---- | M] (Malwarebytes) -- C:\Users\VASCOS\Desktop\JRT.exe
      [2017/12/14 22:35:08 | 008,187,336 | ---- | M] (Malwarebytes) -- C:\Users\VASCOS\Desktop\AdwCleaner.exe
      [2017/11/29 09:11:26 | 000,077,432 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\mbae64.sys

      ========== Files Created - No Company Name ==========

      [2017/12/17 13:42:45 | 000,016,148 | ---- | C] () -- C:\WINDOWS\SysNative\JOSEVAS_VASCOS_HistoryPrediction.bin
      [2017/12/17 13:23:31 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2017/12/17 12:52:31 | 000,001,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
      [2017/12/17 11:57:25 | 000,001,173 | ---- | C] () -- C:\Users\VASCOS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
      [2017/12/17 11:57:14 | 000,000,993 | ---- | C] () -- C:\Users\VASCOS\Desktop\NTREGOPT.lnk
      [2017/12/17 11:57:14 | 000,000,974 | ---- | C] () -- C:\Users\VASCOS\Desktop\ERUNT.lnk
      [2017/10/24 0001 | 000,000,488 | RHS- | C] () -- C:\Users\VASCOS\ntuser.pol
      [2017/06/20 11:09:40 | 000,006,576 | ---- | C] () -- C:\WINDOWS\SysWow64\DSBProxy.ini
      [2017/06/20 11:09:40 | 000,004,680 | ---- | C] () -- C:\WINDOWS\SysWow64\DSBProxyOff.ini
      [2016/12/18 21:18:00 | 001,766,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
      [2016/10/11 18:46:53 | 001,823,232 | ---- | C] () -- C:\WINDOWS\SysWow64\InputService.dll
      [2016/08/10 22:34:39 | 000,200,704 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputFramework.dll
      [2015/08/11 23:20:38 | 000,040,948 | RHS- | C] () -- C:\ProgramData\ntuser.pol
      [2015/08/11 12:02:21 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
      [2014/07/09 10:32:03 | 000,007,657 | ---- | C] () -- C:\Users\VASCOS\AppData\Local\resmon.resmoncfg
      [2013/12/11 16:16:33 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl

      ========== ZeroAccess Check ==========


      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\windows.storage.dll -- [2016/10/25 04:35:54 | 006,488,304 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\windows.storage.dll -- [2016/10/25 03:15:08 | 005,118,024 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/07/10 05:59:53 | 000,995,328 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2015/07/10 06:00:23 | 000,754,688 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/09/06 23:15:44 | 000,516,096 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2016/06/08 21:31:14 | 000,000,000 | ---D | M] -- C:\Users\VASCOS\AppData\Roaming\Dropbox
      [2014/04/23 17:41:01 | 000,000,000 | RHSD | M] -- C:\Users\VASCOS\AppData\Roaming\InstallDir
      [2017/10/29 15:30:55 | 000,000,000 | ---D | M] -- C:\Users\VASCOS\AppData\Roaming\IObit
      [2017/11/02 12:45:45 | 000,000,000 | ---D | M] -- C:\Users\VASCOS\AppData\Roaming\Panda Security
      [2017/11/03 12:54:21 | 000,000,000 | ---D | M] -- C:\Users\VASCOS\AppData\Roaming\QuickScan
      [2016/09/16 22:34:50 | 000,000,000 | ---D | M] -- C:\Users\VASCOS\AppData\Roaming\Search The Web
      [2014/06/13 16:18:45 | 000,000,000 | ---D | M] -- C:\Users\VASCOS\AppData\Roaming\Verimatrix
      [2017/03/28 11:03:02 | 000,000,000 | ---D | M] -- C:\Users\VASCOS\AppData\Roaming\VS Revo Group
      [2015/05/03 20:25:50 | 000,000,000 | ---D | M] -- C:\Users\VASCOS\AppData\Roaming\ZHP

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2015/03/05 10:03:59 | 000,000,000 | -H-- | M] () -- C:\asc_rdflag
      [2015/07/10 06:00:31 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
      [2017/12/17 13:40:56 | 1717,219,328 | -HS- | M] () -- C:\hiberfil.sys
      [2017/12/17 13:41:01 | 738,197,504 | -HS- | M] () -- C:\pagefile.sys
      [2017/12/17 13:41:01 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:612B5BD9
      @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34

      < End of report >

      Quedo atento a seguir recibiendo la ayuda que me puedan brindar.::pensar:

    8. #8
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.210

      Re: Pc muy lenta y no puedo crear punto de restauracion.

      Ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro:

      • Para hacerlo descarga >> DelFix.exe en tu escritorio.

        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

        • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      Ahora ejecuta de nuevo OTL.exe pero en Modo Seguro.



      1.- Copiar el siguiente texto (excluyendo la palabra Código):

      Código:
      :OTL
      DRV:64bit: - (panda_url_filteringd) -- C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll File not found
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll File not found
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll File not found
      [2017/10/23 23:21:28 | 001,313,216 | ---- | M] () (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\firefox\profiles\zjv9w8fk.default-1474085608708\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi
      [2017/02/21 08:37:22 | 000,868,919 | ---- | M] () (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\firefox\profiles\zjv9w8fk.default-1474085608708\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}.xpi
      [2017/12/11 19:59:45 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\VASCOS\AppData\Roaming\mozilla\firefox\profiles\zjv9w8fk.default-1474085608708\features\{644c3211-148c-4262-ab3b-730f394d3cef}\[email protected]
      O1364bit: - gopher Prefix: missing
      O18 - Protocol\Handler\ms-help - No CLSID value found
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\backitup.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\cdspeed.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\coverdes.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\drivespeed.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\dropbox.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\infotool.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\nero.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\nerohome.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\neromediahome.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\neroscoutoptions.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\nerostartsmart.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\neroupgrade.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\nerovision.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\photosnap.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\photosnapviewer.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\recode.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\setupneromobile.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\setupx.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27:64bit: - HKLM IFEO\showtime.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\AcroRd32.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\backitup.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\cdspeed.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\coverdes.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\drivespeed.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\dropbox.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\infotool.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\nero.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\nerohome.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\neromediahome.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\nerostartsmart.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\neroupgrade.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\nerovision.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\photosnap.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\photosnapviewer.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\recode.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\setupneromobile.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\setupx.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      O27 - HKLM IFEO\showtime.exe: Debugger - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" File not found
      @Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:612B5BD9
      @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
      
      :Files
      ipconfig /flushdns /c
      ipconfig /registerdns /c
      ipconfig /release /c
      ipconfig /renew /c
      
      :Commands
      [purity]
      [resethosts]
      [emptyflash]
      [emptytemp]
      [emptyjava]
      [createrestorepoint]
      [Reboot]

      2.- Pegar el contenido sobre el apartado: Análisis Personalizados /Código de Reparación.


      3.- Presionar el botón Reparar para comenzar el procedimiento. Presionar OK.


      OTL va a reiniciar el ordenador para completar el procedimiento.

      Guardar el nuevo reporte generado. Copiar y pegarlo en su próxima respuesta, comentando como funciona el Sistema.

      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de jovasan
      Registrado
      mar 2008
      Ubicación
      Colombia
      Mensajes
      102
      Gracias por responder; voy a realizar lo que me recomiendas y una vez realizado te estaré informando.




      Anexo el log de OTL en MODO SEGURO.

      All processes killed
      ========== OTL ==========
      Service panda_url_filteringd stopped successfully!
      Service panda_url_filteringd deleted successfully!
      File C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys File not found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\Adobe Reader\ deleted successfully.
      C:\Users\VASCOS\AppData\Roaming\mozilla\firefox\profiles\zjv9w8fk.default-1474085608708\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi moved successfully.
      C:\Users\VASCOS\AppData\Roaming\mozilla\firefox\profiles\zjv9w8fk.default-1474085608708\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}.xpi moved successfully.
      C:\Users\VASCOS\AppData\Roaming\mozilla\firefox\profiles\zjv9w8fk.default-1474085608708\features\{644c3211-148c-4262-ab3b-730f394d3cef}\[email protected] moved successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
      File Protocol\Handler\ms-help - No CLSID value found not found.
      64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backitup.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdspeed.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\coverdes.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drivespeed.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dropbox.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infotool.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nero.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerohome.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neromediahome.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neroscoutoptions.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerostartsmart.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neroupgrade.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerovision.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnap.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnapviewer.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\recode.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupneromobile.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupx.exe\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\showtime.exe\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backitup.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdspeed.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\coverdes.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drivespeed.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dropbox.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infotool.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nero.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerohome.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neromediahome.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neroscoutoptions.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerostartsmart.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neroupgrade.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerovision.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnap.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnapviewer.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\recode.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupneromobile.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupx.exe\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\showtime.exe\ not found.
      ADS C:\ProgramData\TEMP:612B5BD9 deleted successfully.
      ADS C:\ProgramData\TEMP:5C321E34 deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\VASCOS\Desktop\cmd.bat deleted successfully.
      C:\Users\VASCOS\Desktop\cmd.txt deleted successfully.
      < ipconfig /registerdns /c >
      Configuraci¢n IP de Windows
      Se inici¢ el registro de los registros de recursos DNS para todos
      los adaptadores de este equipo. Cualquier error se notificar* en
      el Visor de eventos en 15 minutos.
      C:\Users\VASCOS\Desktop\cmd.bat deleted successfully.
      C:\Users\VASCOS\Desktop\cmd.txt deleted successfully.
      < ipconfig /release /c >
      Configuraci¢n IP de Windows
      No se puede realizar ninguna operaci¢n en Wi-Fi 3 mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Conexi¢n de *rea local* 2 mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
      est‚n desconectados.
      Adaptador de LAN inal*mbrica Wi-Fi 3:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de LAN inal*mbrica Conexi¢n de *rea local* 2:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de Ethernet Ethernet 2:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de Ethernet Ethernet:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Direcci¢n IPv6 . . . . . . . . . . : fdd4:6e5c:d70b:4900:d27:85fd:fed6:f68
      Direcci¢n IPv6 temporal. . . . . . : fdd4:6e5c:d70b:4900:207b:832f:f177:5bab
      V¡nculo: direcci¢n IPv6 local. . . : fe80::d27:85fd:fed6:f68%2
      Puerta de enlace predeterminada . . . . . :
      C:\Users\VASCOS\Desktop\cmd.bat deleted successfully.
      C:\Users\VASCOS\Desktop\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      No se puede realizar ninguna operaci¢n en Wi-Fi 3 mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Conexi¢n de *rea local* 2 mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
      est‚n desconectados.
      Adaptador de LAN inal*mbrica Wi-Fi 3:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de LAN inal*mbrica Conexi¢n de *rea local* 2:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de Ethernet Ethernet 2:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de Ethernet Ethernet:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Direcci¢n IPv6 . . . . . . . . . . : fdd4:6e5c:d70b:4900:d27:85fd:fed6:f68
      Direcci¢n IPv6 temporal. . . . . . : fdd4:6e5c:d70b:4900:207b:832f:f177:5bab
      V¡nculo: direcci¢n IPv6 local. . . : fe80::d27:85fd:fed6:f68%2
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.13
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.254
      C:\Users\VASCOS\Desktop\cmd.bat deleted successfully.
      C:\Users\VASCOS\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========
      C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: Administrador

      User: All Users

      User: Default

      User: Default User

      User: Default.migrated

      User: Invitado

      User: Public

      User: VASCOS
      ->Flash cache emptied: 2187 bytes

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: Administrador

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default.migrated

      User: Invitado

      User: Public

      User: VASCOS
      ->Temp folder emptied: 3460785 bytes
      ->Temporary Internet Files folder emptied: 128 bytes
      ->FireFox cache emptied: 24491698 bytes
      ->Google Chrome cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 143406 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 27,00 mb


      [EMPTYJAVA]

      User: Administrador

      User: All Users

      User: Default

      User: Default User

      User: Default.migrated

      User: Invitado

      User: Public

      User: VASCOS

      Total Java Files Cleaned = 0,00 mb

      Unable to start System Restore Service. Error code 1084

      OTL by OldTimer - Version 3.2.69.0 log created on 12182017_142055

      Files\Folders moved on Reboot...
      File move failed. C:\Users\VASCOS\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
      File move failed. C:\Users\VASCOS\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

      Sigo sin poder crear Punto de Restauración y la PC sigue lenta, he desactivado los programas que se iniciaban al arrancar y no mejora. Espero me sigan ayudando.




      Estaré atento a cualquier información.

    10. #10
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.210

      Re: Pc muy lenta y no puedo crear punto de restauracion.

      Necesito un poquito más de información de tu sistema Por favor, ahora vas a realizar el siguiente procedimiento:


      1º paso.- Descarga en el escritorio las siguientes herramientas, pero no las ejecutes todavía:



      2º paso.- Reinicia en "Modo Seguro" (si no puedes iniciar en Modo Seguro, omites este paso).

      3º paso.- Ejecuta ahora DrWebCureIt. Para hacerlo correctamente, dedica unos segundos a leer su manual. Esta herramienta puede tardar muchííííísimo en realizar su escaner, pero ármate de paciencia y déjala que termine su trabajo.

      Su reporte también es muy largo. Para que no sea tan inmenso y me lo puedas adjuntar en tu próxima respuesta (para que pueda analizarlo y evaluar la importancia de las infecciones encontradas ), realiza lo siguiente:

      Antes de comenzar el escaneo se recomienda presionar el icono en forma de llave inglesa y de las opciones elegirá Configuración:
      En la ventana ira a Log y pondrá el nivel en mínimo y deberá dar en OK para guardar los cambios.


      Advertencia. Si esta sección se deja en Máximo o Medio el reporte será innecesariamente extenso y no podrá publicarlo en el tema del foro en donde lo estén ayudando. Si aún así el reporte sigue siendo muy extenso, ponga en el foro solo la parte correspondiente a las infecciones eliminadas/curadas.
      Si aún así el reporte sigue siendo demasiado largo, pegue en el foro solo la última parte del reporte donde dice las infecciones que ha localizado y eliminado. Con esa parte es suficiente: a partir de donde dice Start Curing. El resto del reporte es totalmente innecesario.

      4º paso.- Ahora reinicias en modo normal y ejecutas Eset Smart Installer:

      Ejecutar y marcar, las casillas Eliminar las amenazas detectadas y analizar archivos.
      • Dar en Configuración adicional, marcar las casillas de Analizar en busca de aplicaciones potencialmente indeseables, Analizar en busca de aplicaciones potencialmente peligrosas y Activar la tecnoligía Anti-Stealth.
      • Dar en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.
      • Acabado el scan dar en Finalizar. El reporte se puede localizar en C:\Archivos de programa\ESET\ESET Online Scanner\log. Me dejas este reporter en tu próxima contestación.


      5º paso.- Por último vamos a ejecutar Farbar Recovery Scan Tool (FRST) que lo debes de tener descargado en tu escritorio:

      • La guardas en el Escritorio >> Esto es muy importante..
      • Con todos los programas /ventanas cerrados, doble clic para ejecutar Frst.exe/Frst64.exe según el caso.
      • En la ventana del Disclaimer, presiona Yes.
      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.
      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.
      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta.
      • Utiliza dos mensajes si te dice que es muy largo.


      En tu próxima respuesta, me dejas los reportes de Eset Smart Installer, DrWebCureIt y FRST, y me comentas como sigue funcionando el equipo.

      Saludos
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 1 de 4 1234 ÚltimoÚltimo